What Is Zone? How To Setup Zone? What Is The Best Practice?

What Is Zone? How To Setup Zone? What Is The Best Practice?

Share: image001.png

Please click here for all contents shared by us.


      What is zone or zoning? How to setup a zone on Brocade or Cisco MDS SAN switches? What's the best practice of zoning? In this article we'll try to answer these questions.

Detailed Information

What is Zone?

      Zone is a logical configuration on FC-SAN switches. By adding the specific devices to a zone, the administrator can allow the devices to communicate with each other. Once a zone is configured, only the devices in this zone can talk with each other. If the device does not belong to this zone, it could not communicate with the devices in this zone.

      The switch vendors used to define two kinds of zones, the hard zone and soft zone. The difference is, the hard zone is implemented by the chip, while the soft zone is implemented by the software. Now they call Domain ID or port based zone as hard zone, and the WWN based zone as soft zone. Both of them are all controlled by chips now.

Zone Types:

1.     Domain ID/port (D,P) zone

This zone allows the devices connected to the ports to communicate with each other. The change of the device will not affect the zoning configuration. So you do not need to make any change to the zone configuration after replacing the host HBA card.

2.     WWPN/WWNN zone

This zone allows the devices who have the specified WWN to communicate with each other. It does not care the devices connect to which ports. Once the device moves to another port, there is no need to change the zone configuration. If the switch is connected NPIV devices, WWN zone is required.

3.     Mixed zone (session based hard zoning)

When a device uses D, P and WWN zones in two or more zones, the device will get into the mixed zone mode. In a mixed zone mode, the commutation relies on switch CPU’s software validation.

4.     LSAN zone

LSAN zone is only used when enabled FCR (Fibre Channel Routing). It allows the devices in different fabrics to communicate via the FC router. You must install Integrated Routing license to enable this feature.

5.     TI zone (Traffic Isolation Zone)

TI zone can specify one or more ISL (Inter Switch Link) dedicated for a zone, without any license.

6.     QoS (Quality of Service) zone

QoS zone indicates the priority of the traffic flow between a given host/target pair. You must install Adaptive Networking license to enable this feature.

Zoneset is a collection of zones. You can only enable one zoneset on a switch. All the active zonesets in one fabric must be consistent, or it would lead to a fabric segment problem.

Alias is to simplify the zoning configuration. For each device, you can setup the alias in advance, then use these alias to replace the D, P and WWN during the setup.

Both Cisco and Brocade switches have the default zones. It allows all the connected device to communicate with each other if there is no zone configured.

How to Setup Zone?

1.       Brocade CLI:

First create the alias for each zone, then create the zone and add the alias, create cfg (zoneset) and add the zones, finally enable the cfg.

Help manual:


Displays the current configuration:


Create/add, remove members/delete alias:

alicreate "aliName","member[; member...]"

aliadd "aliName","member[; member...]"

aliremove "aliName","member[; member...]"

alidelete "aliName"

Create/add, remove members/delete zone:

zonecreate "zonename", "member[;member...]"

zoneadd "zoneName", "member[;member...]"

zoneremove "zoneName", "member[;member...]"

zonedelete "zoneName"

Note: According to Zoning best practices, EMC recommends that each zone only has one initiator (host, VPLEX BE port, etc). Multiple initiators in one zone can lead to a few issues.

Create/add, remove members/delete cfg:

cfgcreate "cfgName", "member[;member...]"

cfgadd "cfgName", "member[;member...]"

cfgremove "cfgName", "member[;member...]"

cfgdelete "cfgName", "member[;member...]"

Save/enable cfg:


cfgenable "cfgName"

Note: Enable one cfg will disable other activated zone. There is only one activated cfg in a fabric.

Change the default zone configuration:

defzone [--noaccess | --allaccess | --show]

2.       Brocade GUI:

Open WebTools and click Zone Admin, then go to the Zone Admin page.

For V6.x.x version:


For V7.x.x version:


Once get into the Zone Admin page:


Create alias:


Click New or New Alias, enter the alias name:


Then add members:


Create cfg and add members:


Finally save and activate the cfg:


Click the Save Config button,to  changed save the cfg.

Click the Enable Config button, to activate the selected cfg.

Change the default zone configuration:


3.       Cisco CLI:

      The biggest difference between Cisco and Brocade switches is VSAN. Each VSAN can have its own zone and zoneset. Another one is enhanced zone and basic zone.

      The enhanced zone will create a session once the user tries to change the zone configuration, to prevent other users from changing the same configuration. Once enabled enhanced zone, you must commit the changes and close the session before the new configuration takes effect.

      The enhanced zone will automatically turn on the broadcasting zone. For MDS 9500 series, you must disable the broadcasting zone before enable the fourth-generation network interface module.

show commands:

# show fcalias vsan x

# show zoneset vsan x

# show active zoneset vsan x

# show zone status vsan x

Enable enhanced zone:

# configure terminal

(config)# zone mode enhanced vsan x

Change the alias:

(config)# fcalias name A123 vsan x

(config-fcalias)# member pwwn 10:00:00:00:00:00:00:00

(config-fcalias)# exit

(config)# zone commit vsan x

Change the zone:

(config)# zone name zone123 vsan x

(config-zone)# member interface fc1/1

(config-zone)# member pwwn 20:00:00:00:00:00:00:00

(config-zone)# member fcalias A123

(config-zone)# exit

(config)# zone commit vsan x

Change the zoneSet:

(config)# zoneset name zoneset123 vsan x

(config-zoneset)# member zone123

(config-zoneset)# exit

(config)# zone commit vsan x

Activate zoneset (valid only in basic zone mode):

(config)# zoneset activate name zoneset123 vsan 1

Disable zone’s broadcast:

(config)# no zone broadcast enable vsan x

4.       Cisco GUI (similar both in DCNM and DCFM):

Open GUI then click Edit Local Full Zone Database in the zone menu.


The zone admin page is like below:


Edit the fc-alias:



Edit zone:




Look for the corresponding WWN or device alias, click Add to Zone to add them to the zone


Edit the zoneset:

Drap the configured zone to the zoneset. Confirm the changes/Activate the zoneset:





The Best Practice of Zoning?

It is easy to setup a zone, but it not easy to do it well. So we would recommend:

1.       Using WWN zone (except for the customers who have special requirements or in a FICON environment). Here are the reasons:

1)      Port zone ensures the security by physical isolation, but WWN zone can allow the specify device to access the zone.

2)      Only WWN zone can be used in NPIV and AG environment

3)      Only WWN zone can be used in IVR/FCR and tape acceleration products.

2.       Using zoning and LUN masking together

Zoning takes effect in SAN switches while LUN masking does the job in storage.

3.       Alias name should be clear and understandable

4.       Do not use mixed zone mode in Brocade switches

There is a bug in v6.4.3 version which could make the host automatically logged out from the storage.

5.       Use enhanced zone for Cisco switches

This can prevent losing the zone configuration when multiple users change it.

6.     Turn off the default zone

This can avoid the unauthenticated access to the fabric.

For MDS switches running in NX-OS post 5.2(6), we recommend to use smart zoning. Smart Zoning combines the benefits of both approaches above:

    Simplicity of operational management with a Single Zone for all initiators and targets of an application or cluster.

    No wasted switch resources as with two member zones.

Please refer to Cisco article http://www.cisco.com/c/en/us/support/docs/storage-networking/zoning/116390-technote-smartzoning-00.h... for more details.


Labels (2)
12 Replies

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

using fcalias is not the best practices, device aliases is. Also please consider talking about SmartZoning as that negates some of the best practices your provided above.

0 Kudos

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

Hi dynamox,

Thanks for reading the blog carefully and raising your opinion.

We are aware that device alias is a fabric wide feature and more convenient than fcalias. However, considering multiple bugs for device alias found in NX-OS v5.x working with DCNM, we still recommend our customer to use fcalias.

Smart zoning is a new feature introduced in 5.2(6) which saves a lot of time for SAN administrators to configure zoning.

We encourage customer to use this feature and have added some recommend into this article.

Thanks again for providing your valuable suggestion.

0 Kudos

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

can you please point me to Cisco bug reports about device-aliases. We have been using devices aliases for at least 3 years and i have yet to find any issues.


0 Kudos

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

Hi Dynamox,

Here is a brief list of the related defects.

CSCtu03947 - Device-alias add/delete doesn't update client cache right away.

Affecting: 5.2.1, 5.2.2

Fixed in: 5.2(2)S71, 5.2(2.72)S0, 5.2(2a)S3, 7.0(1)ZD(0.3)

CSCtt20652 - DCNM SAN: Device Alias CFS Regions column does not sort

Affecting: 5.2.1

Fixed in: 6.2(0.18)S0

CSCuc04839 - Device-alias instead of fcalias in the document under DCNM control panel

Affecting: 5.2(7.9)

Fixed in: Release Pending

CSCtn77734 - FM Cannot purge deleted device-aliases they show as decommissioned

Affecting: 5.0(4a)

Fixed in: 5.0(4c)S2, 5.0(6.54)S

0 Kudos

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

majority of those are bugs in really old 5.2.x branch of NX-OS. Folks should be on the latest 5.2.8 if only for the reason to address ShellShock vulnerabilities on NX-OS. These should not be a deterrent from using device aliases. Being able to see server name when you create IVR zones, when you run sh flogi database and others is just too great of an feature  to be not considered.

0 Kudos

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

Below zone configuration is correct way configuration? I have noticed that one fabric it was configured with WWPN and other WWNN. Please help me on this. how to correct this? HBA1 Port WWN:10:00:00:00:c9:e1:87:1d Node WWN:20:00:00:00:c9:e1:87:1d HBA2 Port WWN: 10:00:00:00:c9:b9:52:db Node WWN: 20:00:00:00:c9:b9:52:db Switch A> zone:  z_WinHostSQL01_HBA1_SANCONB_1B                 50:0a:09:82:9d:c9:f1:5c                 10:00:00:00:c9:e1:87:1d zone:  z_WinHostSQL01_HBA1_SANCONA_0C                 50:0a:09:83:8d:c9:f1:5c                 10:00:00:00:c9:e1:87:1d zone:  z_WinHostSQL01_HBA1_SANCONA_1A                 50:0a:09:81:8d:c9:f1:5c                 10:00:00:00:c9:e1:87:1d zone:  z_WinHostSQL01_HBA1_SANCONB_0D                 50:0a:09:84:9d:c9:f1:5c Switch A> Switch B> zone:  z_WinHostSQL01_HBA2_SANCONA_0D                 50:0a:09:84:8d:c9:f1:5c                 20:00:00:00:c9:b9:52:db zone:  z_WinHostSQL01_HBA2_SANCONA_1B                 50:0a:09:82:8d:c9:f1:5c                 20:00:00:00:c9:b9:52:db zone:  z_WinHostSQL01_HBA2_SANCONB_0C                 50:0a:09:83:9d:c9:f1:5c                 20:00:00:00:c9:b9:52:db zone:  z_WinHostSQL01_HBA2_SANCONB_1A                 50:0a:09:83:9d:c9:f1:5c                 20:00:00:00:c9:b9:52:db Switch B>

0 Kudos

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

zoning needs to be done using PWWN

0 Kudos

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

Hi Teja1988,

Agree with dynamox, EMC recommends Soft/WWPN/pWWN zoning (over Hard/Port zoning).

0 Kudos

Re: What Is Zone? How To Setup Zone? What Is The Best Practice?

Hi I have performed the step 2 on second fiber. Please check and update me the same. 

stpe 1)

Switch B>
aliadd "WinHostSQL01_HBA2", "10:00:00:00:c9:b9:52:db"
aliremove "WinHostSQL01_HBA2", "20:00:00:00:c9:b9:52:db"

cfgenable "cfg_file"
Switch B>

Step 2)

Switch B>
aliadd "WinHostSQL01_HBA2", "10:00:00:00:c9:b9:52:db"

cfgenable "cfg_file"
Switch B>

I have just added new ali "WWPN" to the existing zone. It is okay to be put like this? any performance issue occur keeping WWPN and WWNN in same zone.


zone:  WinHostSQL01_HBA2_SANCONA_0D
zone:  WinHostSQL01_HBA2_SANCONA_1B
zone:  WinHostSQL01_HBA2_SANCONB_0C
zone:  WinHostSQL01_HBA2_SANCONB_1A


0 Kudos